VDB
CVE-2020-3453
CVE-2020-3453
PUBLISHED
CVSS 8.600000381469727 HIGH
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory.
EPSS 1.04% · 77.8th percentile
Risk Scores
CVSS 4.0
8.600000381469727
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
1.04%
77.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | rv345_firmware | 0 |
| cisco | rv345p_firmware | 0 |
| Cisco | Cisco Small Business RV Series Router Firmware | n/a |
| cisco | rv340_firmware | 0 |
| cisco | rv340w_firmware | 0 |
Exploit Intelligence
Timeline
- Sep 2, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 8, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-3453 advisory
- https://www.zerodayinitiative.com/advisories/ZDI-20-1101 url
- https://www.zerodayinitiative.com/advisories/ZDI-20-1101/ advisory
- https://www.zerodayinitiative.com/advisories/ZDI-20-1100/ url